Extended Authentication (Client-To-Site Vpn Only) - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Using the Web Browser Interface for Advanced Configuration Tasks
(The configurations for mobile users are sometimes called an IKE mode
config pool.)
Extended Authentication (Client-to-site VPN Only)
If you select the mobile option, the wizard will take you to the Extended
Authentication window. Extended authentication (Xauth) requires remote
users to authenticate themselves individually in between negotiating the IKE
SA and the IPSec SA. Xauth is particularly important when you use preshared
keys for a client-to-site VPN. The same preshared key authenticates all remote
users, but the more people with whom you share a secret, the more vulnerable
the secret becomes. Xauth adds another layer of security by authenticating
each user with an individual username and password.
If you choose to use Xauth, the ProCurve Secure Router matches the mobile
user's username and password against one of two databases:
the router's local database
a RADIUS database
Figure 16-73. Enabling Xauth
Select the database you wish to use from the pull-down menu. If you do not
want to use Xauth, leave the pull-down menu at the Disable Xauth option.
Setting Up Virtual Private Networks
16-93
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
